Memory Graph

Security checks across malware telemetry and agentic risk

Overview

This is a local memory-graph skill, but its persistent database location and memory-use controls are under-scoped enough that users should review it before installing.

Install only if you want a persistent local knowledge graph. Before using it, change the hard-coded database path to a user-controlled workspace path, understand that imported code creates or opens the database, and avoid storing sensitive project or personal details unless you have clear retention and deletion practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
`stats()` returns `db_path`, which discloses the full local filesystem path of the persistent SQLite database. That unnecessarily reveals environment-specific information about the host user profile and storage layout, which can aid follow-on attacks, targeting of local files, or privacy leakage in a multi-skill/agent environment.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrases are very broad, generic, and lack any scoping, authorization, or contextual guardrails. In a memory/knowledge-graph skill, accidental or adversarial invocation could cause unintended persistence and retrieval of user/project data, enabling prompt-triggered data contamination, privacy leakage, or cross-task state manipulation.

VirusTotal

66/66 vendors flagged this skill as clean.
